Newsletter archive - Veterinary Practitioners Registration Board of Victoria

This article includes extracts from the March 2024 and November 2025 editions of Vetboard Victoria's newsletter. Content was current at the time of publication but there may have been changes since then, as rules, standards and professional and community expectations change over time. Readers are also referred to our Guidelines for appropriate standards of veterinary practice and veterinary facilities.

Cybersecurity actions for veterinary practitioners and businesses

Australian Government cyber threat reports from the Cyber Security Centre (Defence Signals Directorate) say that Australian residents and businesses are experiencing high levels of data breaches, ransomware attacks and identity theft. As an example, in 2024-25:

ReportCyber received 84,700 cybercrime reports - one every 6 minutes, 26% from Victoria.
The average cost to business of cybercrime was up 50% overall - small business up 14% ($56,600 average loss) and medium business up 55% ($97,200 average loss).

What we can all do

We can all take the following crucial basic actions:

use strong Multi-Factor Authentication (MFA) wherever possible
use strong and unique passwords or passphrases
keep software on devices updated
regularly back up important data
be alert for phishing messages and scams.

What veterinary businesses can do

The Board encourages all veterinary businesses to assess their vulnerability to cybercrime and prepare a cyber incident response plan. It is a matter of when, not if, you'll be subject to a cyberattack, so being able to respond quickly is imperative.

You will find useful resources at the Australian Cyber Security Centre, including

Assess your cyber security practices using Exercise in a Box
Read the Small Business Cyber Security Guide
Create a Cyber Incident Response Plan & Response Readiness Checklist
Report and recover - respond to cyber threats and take steps to protect your business from further harm

The Cyber Security Centre says, ‘Depending on the impact and severity of the cyber incident, it may be necessary to communicate with external stakeholders.’ Its Cyber Incident Response Plan contains a list of information to think about communicating to clients and other stakeholders. What you communicate to clients and other stakeholders would depend on the type of information obtained by unauthorised third parties, e.g. personal or payment information.

The Board also reminds vets and veterinary businesses to reduce the impact of any cyber breach by only collecting and storing necessary information from clients, e.g. do not store credit card details.

Businesses may also wish to consult their indemnity insurer or seek legal advice to prepare for or respond to cyber incidents.

Contacts and general resources

Australian Cyber Security Hotline - 1300 292 371
ACSC enquiry form www.cyber.gov.au/aboutus/about-asd-acsc/contact-us
Annual Cyber Threat Report for 2024-25 and 2022-23 - Australian Defence Signals Directorate
cyber.gov.au resources library for individuals, families and small businesses
cyber.gov.au resources for business and government
Tips for good privacy practice - Office of the Australian Information Commissioner